Menu
In Rails 4, typically I would only permit certain parameters when a form is submitted by declaring a private function with the following code:
params.require(:object).permit(:name, :email, :phone)
However, I'm using form_tag instead of form_for and therefore each field is submitted in the params hash. As I'm not a ruby/rails expert, what's the best way to permit these parameters in an efficient way?
Is this right?
params.require(:params).permit(:name, :email, :phone)
672
I think this is the correct solution:
params.permit(:name, :email, :phone)
You can alter the params.permit line like Lichtamberg suggested, however depending on your implementation, you might break other other routes (especially the RESTful ones). If this is the only page that behaves like this (with the form_tag), one thing you can do is alter the form inputs to match the structure of a regular form_for form by passing in the name of the variable, like so:
<%= label_tag :object, :name %>
<%= text_field_tag :object, :name %>
This then results in a parameter map that looks like:
{
:object => {
:name => "tommyd456",
:email => "[email protected]"
...etc ...etc
Which is then perfectly valid for the original params.require(:object) line.
Check out this link from the Rails documentation for more info.
23
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
